The National Security Agency has published updated guidance for organizations interested in transitioning to a Zero Trust cybersecurity framework, with a specific focus on preventing unauthorized access to data in transit and at rest.
NSA recommendations include encryption, tagging, labeling, data loss prevention strategies, and the use of data rights management tools. The NSA's proposal is intentionally consistent with: zero trust framework We help government agencies and businesses defend against increasingly sophisticated cyberattacks.
“Malicious cyber attackers continue to improve their ability to infiltrate networks and access sensitive data,” NSA Director of Cybersecurity Dave Lubar said in a statement about the attack. NSA Zero Trust Recommendation. “Assuming breaches will occur, implementing the pillars of the zero trust framework is the way to counter that activity.”
This focus on what the NSA calls the “data pillar” in the report is a continuation of the agency’s development of Zero Trust best practices, which it began when it first released it.Adopting a zero trust security model” in February 2021.
Just last month, the NSA updated its report Zero Trust Implementation Guidelines, we distinguished between macro-segmentation and micro-segmentation of networks. Macro segmentation targets workgroups and departments. Microsegmentation further separates traffic so that all users no longer have the same access rights. This is to reduce your organization's attack surface.
